<?
##################################################################################
#   A Simple PHP GuestBook Script written by Andrea Cabibbo      #      ######   #
#   Feel free to use/modify/redistribute the code               # #     #        #
#   however please preserve this header.                       #   #    #        #
#                                                             #######   #        # 
#   If you find bugs or have suggestions, please contact     #       #  #        #
#   the author at http://wwww.cellbiol.com                  #         # ######   #
##################################################################################


# THE FOLLOWING VARIABLES SHOULD BE EDITED TO REFLECT YOUR ENVIRONMENT

#error_reporting(0);
$admin_pass='vroom';# CHANGE THIS TO YOU OWN!!! OTHERWISE ANYBODY COULD POTENTIALLY DELETE YOUR ENTRIES
$gbook_title='Rideshare Forum';
$gbook_name="index.html"; # CHANGE TO YOUR OWN! the name of the html guestbook file itself. THIS FILE MUST BE IN THE SAME DIRECTORY AS THIS PHP FILE AND MUST HAVE WRITE PERMISSIONS (666)
$gbook_url="http://www.nelsoncar.com/rideshare/forum/index.html"; # THE URL OF YOUR HTML GUESTBOOK FILE. Change to your own!
$admin_email="deryk@bluemandala.com"; # set to your e-mail address
$gbook_email="info@nelsoncar.com"; # will be in the From: field of messages sent by this script
$sendmail_onpost=0; # SET TO 1 IF YOU WANT TO GET A WARNING E-MAIL WHEN A NEW POST IS MADE
$sendmail_onspam=0; # SET TO 1 IF YOU WANT TO GET A WARNING E-MAIL WHEN A SPAM/ILLEGAL/BANNED IP POST ATTEMPT IS MADE. Spam that fails the image verification is NOT reported nor logged, you get an e-mail only if something is blocked by the keyword-based filters
# SET HERE THE WORDS THAT YOU DO NOT WISH USERS TO USE IN THE POST. COULD BE SPAM OR ADULT STRINGS AND FORBIDDEN HTML TAGS
$forbidden_strings=array("history\.go","src=\"javascript","<meta","http-equiv","offthebest","riverhouselodge","referatik","refe.ru","googlepages","online keno","scrubsystem","violetpots","bestdatingblogs","aahubs","actorsite","aboutlaw","ameranet","4noles","puttan","opfkf","cuteweblog","aaawebpage","screenplaysmag","blogcentro.com","reductil","wilsonriverartisans","luogo grande","lo gradisco","sekob.com","sexblogsite","phaa3","bennyb","teen sex","teen-sex","teensex","xxx","gay-movies","craps","datafarmdesign","saveplanet.net","systemdoctor","prescription-drug","ewqe","prescription drug","online slots","slots online","play slots","vitosfromsicily.com","atlantawebpackages","baccarat","rkpayne.com","invisionlasercenter.com","terrysmazda.com","plongee83.com","collinsdollnissan.com","andycagliarealty.com","whiterockagent.com","alumafence.com","penis","black jack","black-jack","elcom-inc.com","interfree.it","praize.com","elcom-inc","laketahoerez","computerpro-atl","laketahoerez","cherryfalls","hold em","hold-em","hazelshideaway","p-65.com","holdem","boltscarcare","ccwgroup","ambersells","boltscarcare","myteeundercar","whyreadthepaper","puebloairmotive","loan","faststartdirect.com","bondage","canalblog","kaotek","fullrxlist","effexor","fluoxetine","fowlplayer.com","blackjack","roulette","gammon","texas-holdem","pvgbw.org","megs.com","mb.com","250m.com","hydroc","fastpages.com","zolam","domaindlx","yourfreespace.net","50megs","fullka","celebrex","zepam","batcave.net","phenter","741.com","501megs.com","bestklik.info","seklik.com","125mb.com","freeadult","usapages","sweethost","esubahost","freehostonline.com","republika.pl","refinanc","insurance","barashka","huylo","20mbweb.com","sekob.com","beam.to","adipex","virtualklik","ringto","ripway.com","ownsthis","yourfreespace.net","levitra","meridia","\[u","tramadol","net4free","ambien","zolof","smutstars","netscape.com","tamiflu","xanax","valium","propecia","gruagrua","viagr","vicod","ciali","acne","porno","lesbian movie","lesbian-movie","cutpage.com","sekob.com","winantispyware","winfix","cutepage.com","rogalik","onesite.com","mandsstudiopa","sekob.com","pharmac","suck","fuck","tits","mortgage","bad credi","shit","poker","myteeundercar","casino","xxxnations","cock","<.*embed","iframe","<h","<script","<.*!--","COMMENTS-START");
$banned_ips=array("123.221.331.21","111.122"); # these are just examples. You can ban entire classes/sets of ip addresses by listing the initial numbers only
# END REQUIRED VARIABLES. YOU CAN CUSTOMIZE THE OUTPUT OF THE SCRIPT ON THE WEB OR BY E-MAIL BY EDITING THE FOLLOWING VARIABLES
$max_message_length=2500; # maximum allowed number of characters for a message 
$max_word_length=80; # this prevents a malicious user from posting a long uninterrupted string that might disrupt the guestbook page layout
$last_message_to_top=1; # set to 1 if you want the last post to be the upper one in the page, or to 0 if you want the last post to be at the buttom
$confirm='<META HTTP-EQUIV="refresh" CONTENT="2; url='.$gbook_url.'" >'.'If you are not redirected automatically, you can go back to the guestbook by clicking here: <A HREF="'.$gbook_url.'">Guestbook</A>'; # SCREEN MESSAGE GIVEN TO THE USER AFTER POST
$ip_addr=$_SERVER['REMOTE_ADDR'];# DO NOT MODIFY THIS LINE, getting the poster's IP
$confirm2='Your IP: '.$ip_addr.' status: logged';# SCREEN MESSAGE GIVEN TO THE USER ON SPAM/ILLEGAL POST
# $email_mssg1="There is a new post in your guestbook at the following address:\n".$gbook_url; # this variable is now moved around line 400-450 of the script
$email_mssg2="There was a spam/illegal post attempt or a post attempt from a banned IP in your guestbook at the following address:\n".$gbook_url."\nThis was apparently from a human, as it passed the image verification but was blocked by the keyword filters. \nWe remind you that spam attempts that fail the image verification are not reported nor logged";# content of e-mail sent on new spam attempt or post from banned IP
$email_subj1='Message from your Guestbook: new post'; # subject of the email warning of a new post
$email_subj2='Message from your Guestbook: spam attempt'; # subject of the email warning of a new spam attempt/banned IP post
# log file name
$logfile="gbook_log.txt";
$date=date('H:i, d m Y');# getting the current date and time

$posts_file="posts.txt";
$p_template='<P><B>Name: </B> $namep <BR><B>E-mail: </B> $emailp <BR><B>Date Posted: </B> $datep <BR><B>Message: </B> $messp <HR width=300 align=left>\n'; # THIS IS THE HTML TEMPLATE FOR THE POSTS
$admin_template='<TR><TD valign=top><input type=checkbox name=$cbname value=on></TD><TD valign=top>$postid_a</TD><TD valign=top>$date_a <BR>From IP: $ip_a</TD><TD valign=top width=60%><B>Name: </B>$name_a &nbsp;&nbsp;&nbsp;&nbsp;<B>E-mail: </B>$email_a<P>$mess_a</TD></TR>\n'; # THIS IS THE ADMIN TEMPLATE FOR THE POSTS
# IMAGE VERIFICATION
$enable_image_verification_step=1; # set this to 0 if you want to disable the image verification step for any reason 
# DO NOT EDIT BEYOND THIS POINT UNLESS YOU KNOW WHAT YOU ARE DOING
$use_sessions=1; # on some PHP versions sessions might not work with the code used in this script. If so, set to 0. When set to 0, a temp file will be used to store the security code, instead of a session object

# A little function to send an e-mail
function msendmail ($from,$to,$subj,$mess){
mail($to,$subj,$mess,"From: $from\n");
}

# a function that updates the html guestbook file based on the flatfile

function UpdateHTMLguestbook ($flatfile,$html_file,$post_template,$last_message_to_top) #flatfile is called $posts_file in this script and $html_file is called $gbook_name
{ 


    $posts1=file($flatfile);# the file function reads the file in an array with an element for each line
    $posts2=array();
    foreach($posts1 as $post){
    $spl_post=preg_split('/;/',$post); # we create an array that contains all the fields for each post in the posts file
    $posts2[]=$spl_post; # and then add it to the posts2 array
    }
    $f_post1='';
    foreach($posts2 as $post){
    $namep=$post[2];
    #echo $namep;
    $emailp=$post[3];
    $datep=$post[4];
    $messp=$post[5];
    eval("\$f_post = \"$post_template\";"); # creating the html line for the post based on the post template defined at the top of the script
    #echo "<p>this is the f_post variable".$f_post;
    if ($last_message_to_top==0){$f_post1=$f_post1.$f_post;} # on each iteration we add the html line to the $f_post1 variable. At the end this variable will contain the full html for the posts to be placed on the guestbook html file
    elseif ($last_message_to_top==1){$f_post1=$f_post.$f_post1;}
    #echo "  3333".$f_post1."  3333";
    }
    
    # following 2 line, restoring the ; originaly present in the message
    $f_post22=preg_split('/&&&&#/',$f_post1);
    $f_post1=implode(";",$f_post22);
    
    $post=$f_post1; # we rename the html for the posts to $post
    $g_content=file_get_contents($html_file); # getting the whole html guestbook contents
    #echo $g_content;
    $comstart_reg="/<!-- COMMENTS-START -->.*\\n/";
    $comstart="<!-- COMMENTS-START -->\n";
    $comend_reg="/<!-- COMMENTS-END -->.*\\n/";
    $comend="<!-- COMMENTS-END -->\n";
    $chars = preg_split($comstart_reg, $g_content); # we split in 2 the html guestbook file bu using the comments start regular expression
    $chars2 = preg_split($comend_reg, $chars[1]); # the second part is further split in 2 to separate the messages from the footer 
    $len_c2=count($chars2); # this will be =1 if the comments end tag is not there, or = 2 if it is there
    if($len_c2==1){$chars3=$chars2[0];}# maybe the end tag is not there (upgrade from old version of the script), in this case everything after the start tag is treated like a footer
    elseif($len_c2==2){$chars3 = $chars2[1];} # this is the footer of the guestbook page
    #if ($last_message_to_top==1){$contents=$chars[0].$comstart.$post.$chars[1];}
    $contents=$chars[0].$comstart.$post.$comend.$chars3; # we re-build the guestbook html page by putting together all the pieces
    $fp = fopen($html_file, "w");
    $write = fputs($fp, $contents); # and then write this to the guestbook file
    fclose($fp);
    #echo "guestbook html file updated correctly<P>";
} #end function definition UpdateHTMLguestbook

function CreateAdminPage ($flatfile, $administration_template,$gbook_url,$gbook_title,$posted_pass ) # this creates and display the admin interface starting from the flatfile
{
    $posts1=file($flatfile);# the file function reads the file in an array with an element for each line
    $posts2=array();
    foreach($posts1 as $post){
    $spl_post=preg_split('/;/',$post);
    $posts2[]=$spl_post;
    }
    $adm_pag1='';
    foreach($posts2 as $post){
    $postid_a=$post[0];
    $cbname=post.$post[0];
    $ip_a=$post[1];
    $name_a=$post[2];
    $email_a=$post[3];
    $date_a=$post[4];
    $mess_a=Truncate(htmlspecialchars($post[5]));
    eval("\$adm_pag = \"$administration_template\";");
    $adm_pag1=$adm_pag1.$adm_pag;
    }
    echo '<style type="text/css"> 
    h1 { font-family:verdana; font-size:20px; line-height:150%}
    h2 { font-family:verdana; font-size:18px; line-height:150%}
    .splink { cursor:pointer;  font-family:verdana; font-size:10px; font-weight:bold; line-height:150%; color:blue}
     * {  font-family:verdana; font-size:11px; line-height:150%}
    </style>';
    echo "<H1>Welcome to the <A HREF=$gbook_url>$gbook_title</A> Admin section</H1>";
    echo '<H2>In this page you can delete messages posted to your guestbook</H2><P>';
    echo '<form action="" method=post>'."\n";
    #echo 'test checkbox <input type="checkbox" name="pippo" value="on"><P>';
    echo '<table width="80%" cellpadding=10 border=1 bordercolor=blue>'."\n";
    echo "<TR bgcolor=blue><TD><B><font color=white>Select</font></B></TD><TD><B><font color=white>Message Id</font></B></TD><TD><B><font color=white>Date Posted/IP</font></B></TD><TD><B><font color=white>Message</font></B></TD></TR>\n";
    echo $adm_pag1;
    echo "</TABLE>\n";
    echo "<input type=hidden name=adpass value=".$posted_pass.">\n";
    echo "<input type=hidden name=user value=admin>\n";
    echo "<input type=hidden name=task value=delete>\n";
    echo "<input type=submit value=delete selected messages>\n";
    
    die();

}

# fuction to write to the log file
function writelog($filename,$text){
  #echo("writing the log file");
  $fp = fopen($filename, "a");
  $write = fputs($fp, $text);
  fclose($fp);
} # end function definition writelog

function Truncate ($str, $length=300, $trailing='.....')  
{ 
      // take off chars for the trailing 
      $length-=strlen($trailing); 
      if (strlen($str) > $length)  
      { 
         // string exceeded length, truncate and add trailing dots 
         return substr($str,0,$length).$trailing; 
      }  
      else  
      {  
         // string was already short enough, return the string 
         $res = $str;  
      } 
   
      return $res; 
} 

# GETTING THE VARIABLES POSTED THROUGH THE FORM
$user=$_POST['user'];
$task=$_POST['task'];
$posted_pass=$_POST['adpass'];

if($user=='admin' and $task=='show'){  # if there is a call for the administration page 
  if($posted_pass==$admin_pass){ # and if the password is correct 
    CreateAdminPage ($posts_file, $admin_template,$gbook_url,$gbook_title,$posted_pass);  # the administration page is shown
  }
  else{die('wrong password');}  # else it is not shown
}
elseif($user=='admin' and $task=='delete'){ # if there is a 'delete' call coming from the administration page
  if($posted_pass==$admin_pass){
    $posts1=file($posts_file);# the file function reads the file in an array with an element for each line
    $posts2=array();
    foreach($posts1 as $post){
    $spl_post=preg_split('/;/',$post);
    $post_id=$spl_post[0];
    $post_form_field=post.$post_id;
    $post_value = $_POST[$post_form_field];
    if($post_value==''){$post_value='off';}
    #echo "il valore di post per il post $post_form_field e' pari a $post_value<P>";
    #eval("\$post_value = \"$_POST[$post_form_field]\";");
    #echo 'analysing post '.$post_form_field.' with value'.$post_value.'<P>';
    #echo 'a test '.$_POST['post2'];
    #echo 'and here are all values: <P>';
    #foreach ($_POST as $key => $value) {
    #echo "Chiave: $key; Valore: $value<br>\n";
    #}
    if ($post_value=='off'){$posts2[]=$post;}
    #elseif($post_value=='on'){echo "post $post_form_field not added to the winning list<P>";}
    }
    $posts3='';
    foreach ($posts2 as $post){
    $posts3=$posts3.$post;
    }
    $fp = fopen($posts_file, "w");
    $write = fputs($fp, $posts3);
    fclose($fp);
    
    # the following code updates the html guestbook file based on the posts.txt file contents (the flatfile database of the posts)
    
   UpdateHTMLguestbook ($posts_file,$gbook_name,$p_template,$last_message_to_top);
  
    die('message(s) deleted successfully, You can go back to the <A HREF='.$gbook_url.'>Guestbook</A> ' );



}
else {die('not authorized');}
}

$name=$_POST['name'];
if ($name==''){die("Name field empty, please go back and try again");}# the script stops if the name is missing
$email=$_POST['email'];
# GETTING THE MESSAGE AND THEN CHECKING FOR LENGTH PROBLEMS
$message=$_POST['message'];
if ($message==''){die("Message field empty, please go back and try again");}# the script stops if the message is missing
if (strlen($message)>$max_message_length){die ("Your message is longer than $max_message_length characters, please go back and try again, thank you");}
# CHECKING FOR TOO LONG WORDS THAT COULD BREAK THE PAGE DESIGN
$mescheck1=preg_split('/ /',$message); 
foreach($mescheck1 as $value)
{
if (strlen($value)>$max_word_length){die("Some words in your message are too long. Please go back and try again, thank you");}
}
$message=preg_split('/;/',$message);
$message=implode("&&&&#",$message);

$imgverify=$_POST['imgverify'];
$random=$_POST['random'];

# CAPTCHA VERIFICATION
if ($imgverify=='' and $enable_image_verification_step==1)
{

# CAPTCHA IMAGE VERIFICATION
// Date in the past 
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
// always modified 
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
// HTTP/1.1 
header("Cache-Control: no-store, no-cache, must-revalidate"); 
header("Cache-Control: post-check=0, pre-check=0", false); 
// HTTP/1.0 
header("Pragma: no-cache"); 

# this code was adapted from an image verification code found on http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=739&lngWId=8, by Darryl Porter 
/*header*/
#Header("Content-Type: image/png");
/* initialize a session. */
if ($use_sessions==1){session_start();}
/*We'll set this variable later.*/
$new_string;
/*register the session variable. */
#session_register('new_string'); OLD WAY OF HANDLING THE SESSION VARIABLE
/*You will need these two lines below.*/
echo "<html><head><title>The PHP Guestbook Turing Test</title>";
echo '<META HTTP-EQUIV="Cache-Control" CONTENT="no-store"><META HTTP-EQUIV="Cache-Control" CONTENT="no-cache"><META HTTP-EQUIV="Cache-Control" CONTENT="must-revalidate"><META HTTP-EQUIV="pragma" CONTENT="no-cache"><META HTTP-EQUIV="Expires" CONTENT="Tue, 26-Oct-1965 12:00:00"><META HTTP-EQUIV="Expires" CONTENT="NOW"><META HTTP-EQUIV="last modified" CONTENT="NOW">';
echo '</head>';
echo "<body bgcolor='#CCCC99' >";
/* set up image, the first number is the width and the second is the height*/
$im = ImageCreate(100, 30); 
/*creates two variables to store color*/
#randomiziong the background color
srand((double)microtime()*1000000);
$selbgcol=rand(1,5);
if($selbgcol==1){
$captcha_bg_color = ImageColorAllocate($im, 198, 24, 0);#RED
}
elseif($selbgcol==2){
$captcha_bg_color  = ImageColorAllocate($im, 0, 0, 0);#BLACK
}
elseif($selbgcol==3){
$captcha_bg_color  = ImageColorAllocate($im, 43, 130, 26);#GREEN
}
elseif($selbgcol==4){
$captcha_bg_color  = ImageColorAllocate($im, 255, 153, 0);#ORANGE
}
elseif($selbgcol==5){
$captcha_bg_color  = ImageColorAllocate($im, 0, 88, 238);#BLUE   
}

$white = ImageColorAllocate($im, 255, 255, 255);
#$black = ImageColorAllocate($im, 0, 0, 0);
/*random string generator.*/
/*The seed for the random number*/
srand((double)microtime()*1000000); 
/*Runs the string through the md5 function*/
$string = md5(rand(0,9999)); 
/*creates the new string. */
$new_string = substr($string, 17, 5);
# NEW WAY OF HANDLING THE SESSION VARIABLE COMPATIBLE WITH PHP BEYOND 4.2.3
if ($use_sessions==1){$_SESSION['new_string'] = $new_string ;} # this is a newer session code, the older code did not work with php 5
elseif ($use_sessions==0) {
$fp = fopen('temp_code.txt', "w");
$write = fputs($fp, $new_string);
fclose($fp);
}
/*fill image with background color*/
ImageFill($im, 0, 0, $captcha_bg_color);
/*writes string */
ImageString($im, 10, 28, 7, $new_string, $white); 
/* output to browser*/
ImagePNG($im, "verify.png");
ImageDestroy($im); 

#some manip of the message
$mess1=stripslashes($message);
$mess2=preg_split("/'/",$mess1);  
$mess=implode("####",$mess2);

/*I plugged our image in like I would any other image.*/
echo "<br><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"verify.png\">";
echo "<br><br>";
echo "Type the code you see in the image in the box below. (case sensitive)";
echo "<P><B><font color=red>Important:</font></b><BR>If this is not the first message you have submitted in the last minutes, you might have to reload this page to get a new, valid code";
echo '<form action="" method=post>';
echo '<input name="random" type="text">';
echo '<input type="hidden" name="imgverify" value="verification">';
echo '<input type="hidden" name="name" value="'.$name.'">';
echo '<input type="hidden" name="email" value="'.$email.'">';
echo "<input type=\"hidden\" name=\"message\" value='".$mess."'>";
echo '&nbsp;<input type="submit" value="Continue">';

echo "</form>";
echo "</body>";
echo "</html>";

}

elseif ($imgverify==verification or $enable_image_verification_step==0)
{
if ($imgverify==verification){
if ($use_sessions==1){session_start(); }
$random = trim($random);
#if ($new_string == $random){$verif=1;} this was with the old session handling
if ($use_sessions==1){
if ($_SESSION['new_string'] == $random){$verif=1;}# changed this line to use the new session handling with $_SESSION
else{$verif=0;}
$_SESSION['new_string']="";
session_destroy();
}
} 
elseif($use_sessions==0){
$the_code=trim(file_get_contents('temp_code.txt'));
unlink('temp_code.txt');
if ($the_code == $random){$verif=1;} 
else{$verif=0;}
}



elseif($enable_image_verification_step==0){$verif=1;}

if ($verif==1){  # if the image verification step is passed, or if it was disabled in the configuration variables


# CHECKING IF THE GUESTBOOK IS WRITABLE
$gbook_perms = substr(sprintf('%o', fileperms($gbook_name)), -4);
if ($gbook_perms>=666){
$gbook_writable=1; 
}
else{$gbook_writable=0;}
if ($gbook_writable==0){die("The Guestbook html file is not writable! Check the file permissions and try again. Good Luck.");}


# CHECKING IF THE LOG FILE IS THERE, AND IF IT IS WRITABLE


if (file_exists($logfile) == true){
$log_exists=1;
#echo('the log file exists<P>');
$log_perms = substr(sprintf('%o', fileperms($logfile)), -4);
if ($log_perms>=666){
$log_writable=1; 
#echo('the log is writable<P>');
}
else{$log_writable=0;
#echo('the log is NOT writable<P>');
}
}
else{
$log_exists=0;
$log_writable=0;
}
#echo('the log file does not exist<P>');

 
#echo('the $log_exists variable is set to: '.$log_exists.'<P>');
#echo('the $log_writable variable is set to: '.$log_writable.'<P>');
# FORMATTING THE POST FOR THE WEB. YOU CAN EDIT THE HTML IN THE '$post' VARIABLE TO CHANGE THE APPEARANCE OF YOUR POSTS AND ADAPT IT TO YOUR WEB LAYOUT
$fmess1=preg_split('/\\r\\n|\\n|\\r/',$message);  
$fmess=implode("<BR>",$fmess1);
$fmess2=stripslashes($fmess);
$fmess2=preg_split('/####/',$fmess2);  
$fmess2=implode("'",$fmess2);




# CHECKING THE POST FIELDS FOR FORBIDDEN ENTRIES
$check=0; # check 0 means that the post is OK as far as forbidden strings and IP are OK. We start by setting this to OK and then make it =1 if something goes wrong
foreach($forbidden_strings as $value)
{
if (preg_match('/'.$value.'/'.i,$name)==1){
$check=1;}
if (preg_match('/'.$value.'/'.i,$email)==1){
$check=1;}
if (preg_match('/'.$value.'/'.i,$message)==1){
$check=1;}
}
# IS THE IP OF THE POSTER IN THE BANNED LIST?
foreach($banned_ips as $value)
{
if(preg_match('/^'.$value.'/',$ip_addr)){
$check=1;}
}
#echo("status of check variable is: ");
#echo($check."<P>");




# WRITING THE POST TO THE GUESTBOOK IF THE WORDS AND IP CHECKS WERE PASSED
if($check==0){
########## WRITING THE FLAT FILE ########    this is done only if the forbidden words and the IP checks are passed
if (file_exists($posts_file) == false){$fp = fopen($posts_file,"w");fclose($fp);}# if flat file does not exists, we create it
$posts1=file($posts_file);# the file function reads the file in an array with an element for each line
#$posts1=preg_split('/\\r\\n|\\n|\\r/',$pf_contents);
$num_posts=count($posts1);
$lpi=$num_posts-1; # last post index
#echo "there are $num_posts posts<P>";
$last_post=preg_split('/;/',$posts1[$lpi]);
$last_post_id=$last_post[0];
if($last_post_id==''){$last_post_id=0;}
$post_id=$last_post_id+1;
$new_line="$post_id;$ip_addr;$name;$email;$date;$fmess2\n";
$fp = fopen($posts_file, "a");
$write = fputs($fp, $new_line);
fclose($fp);
######### READING THE FLAT FILE FOR WRITING TO THE GUESTBOOK HTML FILE ########

#$g_content=file_get_contents($gbook_name);
#echo($g_content);
UpdateHTMLguestbook ($posts_file,$gbook_name,$p_template,$last_message_to_top);
echo($confirm);
$email_mssg1="There is a new post in your guestbook at the following address:\n".$gbook_url."\n\nThe following message was posted:\n\n".$post_log; # content of e-mail sent on new post

if ($sendmail_onpost==1){
msendmail($gbook_email,$admin_email,$email_subj1,$email_mssg1);
#echo('THE EMAIL WAS SENT');
}

} # end of 'if checks passed' code block

#else {echo('WHAT THE HECK');}

# IF THE CHECKS ARE NOT PASSED:
else{
echo($confirm2);
if ($sendmail_onspam==1){
msendmail($gbook_email,$admin_email,$email_subj2,$email_mssg2);
}
}

$post_log=stripslashes("\n<ENTRY>\nName: ".$name."\nE-Mail: ".$email."\nMessage: ".$message."\nDate Posted ".$date."\nFROM IP: ".$ip_addr."\n</ENTRY>\n"); # formatting for the log file
##echo('This is the post formatted for the log: <P>'.$post_log);
# WRITING THE LOG FILE
if ($log_exists==1 && $log_writable==1){
writelog($logfile,$post_log); # the post is logged even if the checks are not passed.
#else{echo('<P>Log Not written');}
#echo($confirm);
}
} # end block 'if the checkpoints are not passed'


else {die("Unable to verify that you are a humam being: Turing Test Failed. <P>If you are sure you entered the right code and still see this page try the following:<BR><LI>press the browser back button and reload the page with the code. If it says that the page has expired, do you want to resend data, choose yes.<LI>On the page with the new image code you get, type in the new code in the text box and resubmit, it should work fine");}

} # end of the block executed if the image verification was passed or was disabled

?>

